Anybody works with any flash uploaders? I use Uploadify, but seems it doesn’t matter what kind of one you use.
I need to restrict the upload of the files for all except the authorized users, cause the upload is in admin panel. But I can’t understand why my Yii::app()->user->isGuest checking always return the true. I’m already in admin panel and it returns false for all requests except the flash requests
I don’t know the right way for debug the flash requests, because I truly don’t familiar with flash and in firebug console these requests does not displaying. So for check this I just write some data to new created file.
if ( Yii::app()->user->isGuest ) { file_put_contents(‘1.txt’, ‘true’); }
Put this snippet in your index.php entry-script so the correct session-id can be read from cookie when the session-component gets loaded (means when you access Yii::app()->user->…). Otherwise a new session gets created I guess.
if (isset($_GET['sessionid']))
{
$_COOKIE['sessionid'] = $_GET['sessionid'];
}
But in entry index.php script the $_GET[‘sessionid’] is not defined yet and isset($_GET[‘sessionid’]) will return false. It will be defined only after sending the flash request. So the variable Yii::app()->session->id also undefined, bacause session has not been started.
Well when you’re on the upload-page, you have a valid session (isGuest == false). Now when you upload, the flash-script sends a request that does NOT include the valid session (isGuest == true). So in order to have the same session that you had on the upload-page, you have to make sure the correct session-id is in $_COOKIE array by copying it from $_GET to $_COOKIE. Now when the session component gets loaded (eg. when accessing isGuest), it reads the correct session id from $_COOKIE and everything should work (accessing Yii::app()->user-> like usual).
That’s how I understood the issue? Did I missed something?
The one thing here I can’t understand is that the first print_r return only PHPSESSID and no desired 7f55e9b3eaa2a57e082b26b9513b76cf . So with what should I compare the $_GET[‘sessionid’] value?
Then make sure that both requests have the same $_COOKIE[‘sessionid’]. Otherwise the whole thing won’t work at all since Yii::app()->user->sid is actually stored in the session.
I know you said in a previous post it works, but can you test on the flash-request if $_GET[‘sessionid’] is correctly set? I don’t think that’s the case because the output
On the flash-request, you must make sure $_GET[‘sessionid’] is correctly set. If that’s the case it should get successfully copied to $_COOKIE (as I said please do the copying in the index.php). Then the session component is able to load the same session that you had on the original upload-page. Otherwise a new (empty) session gets created and isGuest will return true of course.
I mean this, put it in index.php just to make sure it gets done as early as possible so everything will work later on:
if (isset($_GET['sessionid']))
{
$_COOKIE['sessionid'] = $_GET['sessionid'];
}
Before playing around with setState() etc., make sure both requests have the same Yii::app()->session->id.